Two years ago this week, John Smith wrote to us: > When I sign using keytool.exe version 3.10 it signs OK,
> When I sign using keytool.exe version 3.11 it throws this error: > > using certificate directory: C:\Documents and > Settings\myusername\Application > Data\Mozilla\Firefox\Profiles\vsw8mp7m.default > signtool: function failed: An I/O error occurred during security > authorization. > I have tried 3.10 with -X option and it works fine. 3.11 still gives the > same error message. > > That's it. Works fine for me now. Just today I finally experienced this, and figured out the cause. The problem only occurs under a specific set of circumstances which are unusual for an NSS developer to ever encounter. However, they are the very circumstances in which a typical Solaris user uses signtool. It requires that NSS's shared libraries not be in the same directory where the signtool executable lives, nor in ../lib (relative to the directory where signtool lives) nor (evidently) in the LD_LIBRARY_PATH. These conditions are not true if you use freshly built NSS bits, or if you use NSS bits from the zip/tar distributions. They are true on Solaris, where the shared libraries live in /usr/lib/mps and the executable program files live in /usr/sfw/bin. There are several possible workarounds, all simple. Simply copy (don't symlink) the signtool executable into some directory of your choice, and copy or symlink the NSS shared libraries into that directory also. Then run the executable from that directory. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
